Search Results

Software development teams must use Git for code versioning and tracking of changes made on files.

A Version Control System (VCS) must be used within the organization to host git repositories. At minimum, the VCS should have the following features: concurrent development, automation, team collaboration, tracking of changes, high availability and disaster re...

Each application hosted on VCS must have at minimum three protected branches: development, test and production. Direct commits to protected branches is prohibited. Only reviewed and approved merge/pull requests shall be allowed to land on protected branches.

Test branch must always contain tagged version from development branch and production branch must always contain tagged version from the test branch.

Infrastructure as code is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. All deployment, delivery, packaging configuratio...

Containers provide an isolated environment for running software. Docker or Kubernetes is the recommended containerization technology, and each developed application/software must have a containerized version. 

The technical goal of CI/CD is to establish a consistent and automated way to build, package, test and deliver applications. All repositories hosting source codes must be configured for CI/CD and each push or merge to any protected branch of the VCS must trigg...

Linux-based Operating systems are recommended and the same version of the OS must be installed in all environments.

SSH login for root user must be disabled and a dedicated user with sudo access for CI/CD pipelines and automation must be created and used. All users must use passwordless authentication to access the servers. User access to software and database must be confi...

Regular backup of data and of the whole OS must be taken and this task must be automated.

Different environments must be available for deployment of applications in development, testing and production. Access to these environments must be given to very few persons and they must use personalized login credentials. The web server must also be configu...

Monitoring tools for infrastructure must be available and configured with alerts for when servers malfunction. 

Each server must be configured to track and log each access to the server. These access logs must be available on an additional different server for failover.

This guideline shall come into force on the date of its signature by the Chief Executive Officer of RISA.

In today's digital age, mobile applications have become indispensable tools for governments worldwide, fostering efficient communication, enhancing public services and facilitating citizen engagement. As government institutions increasingly embrace mobile tech...

This document outlines the guidelines for the development and management of mobile applications for Government of Rwanda institutions with the objective of making them citizen-centric and secure. They apply to all Government institutions which may wish to deve...

Mobile application projects should be approved before commencing and should follow the approval process defined in the RISA software lifecycle management guidelines and ICT spend control guidelines Once a mobile application is developed, written approval fo...

Mobile applications should not replace other Government service delivery channels but rather should complement them. Mobile applications should not be the only means of providing information or service Mobile applications content should align with content that...

Mobile applications should only be developed if they provide the best way option to deliver a service or automate a process. Developers should consider other alternatives such as creating a mobile optimised website which may be more cost effective and easier t...

Adhere to design guidelines and principles provided by each platform such as the Material Design for Android and Human Interface Guidelines for iOS